Question

FreeBSD droplet ssh - only worked when id_rsa had 644 permission

Posted February 12, 2016 1.8k views
Security

Hi all,

Had lots of troubles ssh'ing into my new FreeBSD droplet until I set the id_rsa permissions to 644. 600 did not work and it gave the following error:

debug1: key_load_private_type: Permission denied

Is 644 permission for the ssh private key OK? Should I be worried?

Permissions for ~/.ssh:

mike@mike-laptop:~$ stat -c "%a" .ssh
700

Permissions for ~/.ssh/ialavtsdb1 (folder which has FreeBSD droplet keys):

mike@mike-laptop:~/.ssh$ stat -c "%a" ialavtsdb1
755

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hello,

This seems like a client-side issue, and no, it’s generally not a good idea to grant read access to your private key to any users besides yourself. Which OS is your laptop running? On my mac, the private key has -rw——- permissions, and my public key is set to -rw-r–r–.

Also, ~/.ssh/ is set to drwx——. This setup works well for me.

Regards,
Eris
Platform Support Specialist

Submit an Answer